Let’s say you have servers somewhere far away, potentially hosted by your company or some other provider, but you sometimes wonder if you could ever fully trust that no one is doing anything sketchy on them. You may ask yourself, how can I prove that my machines have not been tampered with, or how can I prove that they are being tampered with? You may wonder how you can trust them. With Remote Attestation, you don’t have to wonder; you can use existing hardware solutions to prove that the machines can be trusted and are indeed in a secure state.
A feature of Keylime is runtime integrity monitoring, using the integrity management architecture (IMA).
Open /etc/keylime.conf
The following is a guide to mounting your local repository as a Docker volume and performing a test run using a TPM simulator.